| VID |
21082 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
"test-cgi" CGI is installed in the web-server. This CGI has a serious flaw which is that it reads the arbitrary file with the privileges of http daemon. This flaw is a notorious security flaw.
* References:
http://online.securityfocus.com/bid/1052
http://www.iss.net/security_center/static/4197.php |
| Recommendation |
Remove the sojourn.cgi file from /cgi-bin directory |
| Related URL |
CVE-2000-0180 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
